On 15 Nov 2018, at 14:27, MarkCS wrote:
So I've been tasked with researching an issue with the mail server at
work.
We use Spamassassin and at present, it's not blocking some pretty
obvious
spam, largely from the domain qq.com. Basically email is slipping
through,
being bounced back at the end receiving server, then our server tries
to
bounce back to qq.com, which doesn't exist at that point and we get a
bounce
message. Hundreds of these suckers are coming through daily.
As John said, absolutely blocking a whole domain is best done before
SpamAssassin, in the MTA (in your case that looks like Postfix.)
In fact, all of John's reply was good. There's one thing he was probably
too polite to mention though...
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on <ourserver>
Upgrade SA. 3.3.2 is antique and hasn't seen any updates in (as note) 7+
years. Each 3.4.x release has added useful functionality. Substantial
parts of the default ruleset are wrapped in version checks because they
demand 3.4.x features.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Available For Hire: https://linkedin.com/in/billcole
